Security and User Management

Owned by bcarlsen (Unlicensed)
Jun 01, 2015
1 min read

Overview

Documents the security and user management features.

This is a placeholder page with basic information and will be developed to fully document this aspect of the system.

Details

The security service provides authentication, authorization, and logout services. A user timeout is also supported so users do not remained logged in indefinitely. The default timeout is set to 2 hours and can be easily changed. All REST services are secured by the use of an authorization token that is obtained from the security service and passed to other calls.  For a truly secured environment, it is recommended that the system be run under HTTPS instead of HTTP. Otherwise usernames, passwords, and authorization tokens will be passed in plain text with HTTP requests.

TODO: explain how the security service also manages local application users

TODO: show configuration properties

TODO: explain provided security handlers

  • n/a